CyberSec.Space Logo
CVEブラウザに戻る

CVE-2018-6960

HIGH
8.8
CVSS Severity Score
EPSS Score0.1110%
EPSS Percentile28.96th
Published2018年4月20日
Last Modified2024年11月21日

Vulnerability Description

VMware Horizon DaaS (7.x before 8.0.0) contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS.

Affected Platforms (CPE)

📦
Vmware

Horizon Daas

>= 7.0.0 and < 8.0.0

References & Advisories

🔗 http://www.securityfocus.com/bid/103938
🔗 http://www.securitytracker.com/id/1040731
🔗 https://www.vmware.com/security/advisories/VMSA-2018-0010.html
🔗 http://www.securityfocus.com/bid/103938
🔗 http://www.securitytracker.com/id/1040731
🔗 https://www.vmware.com/security/advisories/VMSA-2018-0010.html

関連する脆弱性情報

CVE-2019-55449.8

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issu...

CVE-2020-39776.5

VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a broken authentication vulnerability due to a flaw in the way it...

CVE-2017-48975.5

VMware Horizon DaaS before 7.0.0 contains a vulnerability that exists due to insufficient validation of data. An attacker may expl...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...